UNITED STATES DEPARTMENT OF COMMERCE
United States Patent and Trademark Office

Address: COMMISSIONER FOR PATENTS
P.O. Box 1450
Alexandria, Virginia 22313-1450
www.uspto.gov

APPLICATION NO.: 10/530,293
FILING DATE: 04/04/2005
FIRST NAMED INVENTOR: Mats Naslund
ATTORNEY DOCKET NO.: 3995-42
CONFIRMATION NO.: 4649

23117 7590 01/06/2010
NIXON & VANDERHYE, PC
901 NORTH GLEBE ROAD, 11TH FLOOR
ARLINGTON, VA 22203

EXAMINER: SCHWARTZ, DARREN B
ART UNIT / PAPER NUMBER: 2435
MAIL DATE: 01/06/2010
DELIVERY MODE: PAPER

Please find below and/or attached an Office communication concerning this application or proceeding.

The time period for reply, if any, is set in the attached communication.

PTOL-90A (Rev. 04/07)





Application No.: 10/530,293
Applicant(s): NASLUND ET AL.
Examiner: DARREN SCHWARTZ
Art Unit: 2435

-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address --

Period for Reply



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS,
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION.

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed
after SIX (6) MONTHS from the mailing date of this communication.

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication.

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133).
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any
earned patent term adjustment. See 37 CFR 1.704(b).

Status 

1) ^ Responsive to communication(s) filed on 13 October 2009.
2a) □ This action is FINAL. 2b) |^ This action is non-final.

3) Q Since this application is in condition for allowance except for formal matters, prosecution as to the merits is
closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims 

4) ^ Claim(s) 44 and 46-78 is/are pending in the application. 

4a) Of the above claim(s) 63-78 is/are withdrawn from consideration. 

5) n Claim(s) is/are allowed. 

6) 0 Claim(s) 44 and 46-62 is/are rejected. 
7) □ Claim(s) is/are objected to.

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)\Z\ The drawing(s) filed on is/are: a)^ accepted or b)^ objected to by the Examiner.

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) 0 The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.

Priority under 35 U.S.C. § 119

12) 0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).
a)n All b)n Some * c)^ None of:

1. □ Certified copies of the priority documents have been received.

2. n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s)

1 ) ^ Notice of References Cited (PTO-892) 

2) n Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) ^ Information Disclosure Statement(s) (PTO/SB/08) 

Paper No(s)/Mail Date 10-13-09 . 



4) O Interview Summary (PTO-413)

Paper No(s)/Mail Date. . 

5) Q Notice of Informal Patent Application 

6) □ Other: . 



U.S. Patent and Trademark Office 

PTOL-326 (Rev. 08-06) 



Office Action Summary 



Part of Paper No./Mail Date 20091028 



Application/Control Number: 10/530,293 Page 2 

Art Unit: 2435 

DETAILED ACTION 

Applicant amends claims 44 & 48 and cancels claim 45. 
Claims 44 and 46-62 are presented for examination. 

Response to Arguments 

Applicant's arguments with respect to claims 44 and 46-62 have been considered 
but are moot in view of the new grounds of rejection. 

The fact that the Examiner may not have specifically responded to any particular 
arguments made by Applicant and Applicant's Representative, should not be construed 
as indicating Examiner's agreement therewith. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set
forth in section 102 of this title, if the differences between the subject matter sought to be patented and
the prior art are such that the subject matter as a whole would have been obvious at the time the
invention was made to a person having ordinary skill in the art to which said subject matter pertains.
Patentability shall not be negatived by the manner in which the invention was made.

1. Claims 44, 46-59 and 61 are rejected under 35 U.S.C. 103(a) as being
unpatentable over "Wireless Identity Module," 12 July 2001, Wireless Application
Protocol, WAP-260-WIM-20010712-a, hereinafter referred to as WIM, in view of
Ogasawara (U.S. Pat 4853522 A), hereinafter referred to as Ogasawara.

Re claim 44 : WIM teaches a tamper-resistant security device (page 94: "13.2
WIM for Networks Not Utilizing a Smartcard Based SIM; In networks that do not utilize a
smartcard based SIM, the WIM can be implemented ... in a tamper-resistant device,
other than a smartcard") for use in a user device (page 8: "An example of a WIM
implementation is a smart card. In the phone, it can be the Subscriber Identity Module
(SIM) card or an external smart card.") comprising:

memory for storing user credentials, including at least a security key associated
with a user of the user device; an Authentication and Key Agreement (AKA) module for
performing an AKA process with said security key (page 8: "The WAP Identity Module
(WIM) is used in performing WTLS and application level security functions, and
especially, to store and process information needed for user identification and
authentication. The functionality presented here is based on the requirement that
sensitive data, especially keys, can be stored in the WIM, and all operations where
these keys are involved can be performed in the WIM.");

a hardware communications interface for receiving one or more external AKA
process commands from a device external to the tamper-resistant security device and
returning processing results performed in the tamper-resistant security device in
response to the one or more AKA process commands (Page 8: "The WAP Identity
Module (WIM) is used in performing WTLS and application level security functions, and
especially, to store and process information needed for user identification and
authentication. The functionality presented here is based on the requirement that
sensitive data, especially keys, can be stored in the WIM, and all operations where
these keys are involved can be performed in the WIM;" "An example of a WIM
implementation is a smart card. In the phone, it can be the Subscriber Identity Module
(SIM) card or an external smart card. The way which a phone and a smart card interact
is specified as a command-response protocol, using Application Protocol Data Units
(APDU) specific to this application. This specification is based on ISO7816 series of
standards on smart cards and the related GSM specifications [GSM11.11], where
applicable." page 17, section 6.1, ¶2-¶3; page 18, section 6.2.2).

However, WIM does not expressly disclose a cooperating application, contained
within the tamper-resistant security device and having been given access rights to
access the AKA module, configured to selectively receive the one or more AKA process
commands and selectively provide enhanced security processing of the one or more
AKA process commands.

Ogasawara teaches a cooperating application (col 2, lines 37-39), contained 
within the tamper-resistant security device [Figure 1] and having been given access 
rights to access the AKA module, configured to selectively receive the one or more AKA 
process commands and selectively provide enhanced security processing of the one or 
more AKA process commands (col 2, lines 66-67; col 3, lines 29-37; col 3, lines 55-66; 
col 4, lines 30-35). 

It would have been obvious to one of ordinary skill in the art at the time the
invention was made to have modified the teachings of WIM with the teachings of
Ogasawara, for the purpose of authenticating commands prior to granting access; it is
known in the art that authentication preceding further actions preempts potential
security issues.

The combination of WIM and Ogasawara teaches an application interface
internal to the tamper-resistant security device for interfacing said AKA module and said
cooperating application so that the cooperating application performs the enhanced
security processing in conjunction with the AKA module within the tamper-resistant
security device (WIM: page 8: "An example of a WIM implementation is a smart card.
In the phone, it can be the Subscriber Identity Module (SIM) card or an external smart
card. The way which a phone and a smart card interact is specified as a command-response
protocol, using Application Protocol Data Units (APDU) specific to this
application. This specification is based on ISO7816 series of standards on smart cards
and the related GSM specifications [GSM11.11], where applicable." Ogasawara: col 2,
lines 43-45).

Re claim 46 : The combination of WIM and Ogasawara teaches enhanced 
security processing includes at least one of: pre-processing of at least one AKA input 
parameter; and post-processing of at least one AKA output parameter (WIM: page 26:
section 7.2.4.6; page 31: "Establishing pre-master secret").

Re claim 47 : The combination of WIM and Ogasawara teaches enhanced 
security processing includes encapsulation of said at least one AKA parameter (WIM:
page 21: section 7.2.2.1; page 43: section 9.4.6).

Re claim 48 : The combination of WIM and Ogasawara teaches cooperating
application is configured to receive at least one AKA parameter from said AKA process
to generate a further AKA parameter that has higher security than said received AKA
parameter (WIM: page 8: "This specification does not define exact requirements for
tamper-resistance. Businesses can enforce certain requirements and policies using PKI
based mechanisms. Applications should only accept certificates signed by Certification
Authorities that are known to fulfill the requirements and policies. PKI functionality
(including WTLS client authentication with private keys, and WMLScript digital
signatures) can be implemented in pure software in normal PDAs or phones, using
password protection, encryption etc. However, such implementations cannot be
considered as WIM implementations, and are out of scope of this specification. At the
same time, service interfaces defined in this specification may be useful for designing
internal software interfaces for these implementations.").

Re claim 49 : The combination of WIM and Brown teaches enhanced security
processing includes evaluation of a predetermined number of consecutive AKA input
parameters for verifying that said AKA input parameters can be used securely (WIM:
page 18: "Signature verification by WIM may be used in cases where an application
needs verification capability (e.g. certificate or end entity signature verification) but the
verification algorithm is not present in the ME, or the verification algorithm
implementation is more efficient in the WIM").

Re claim 50 : The combination of WIM and Ogasawara teaches enhanced 
security processing further includes combination of a predetermined number of 
consecutive AKA output parameters generated in response to a number of 
corresponding unique AKA input parameters (WIM: see various APDU commands: 
pages 74-78). 

Re claim 51 : The combination of WIM and Ogasawara teaches means for
registration or detection of information representative of security conditions in relation to
said tamper-resistant security device; and means for performing security policy
processing based on said information (col 2, lines 66-67; col 3, lines 29-37; col 3, lines
55-66; col 4, lines 30-35).

Re claim 52 : The combination of WIM and Ogasawara teaches the security
conditions reflect at least one of an environment in which said security device is
operated and a network interface over which a request for AKA processing originates
(WIM: page 8: "The Wireless Application Protocol (WAP) is a result of continuous work
to define an industry-wide specification for developing applications that operate over
wireless communication networks.").

Re claim 53 : The combination of WIM and Ogasawara teaches security policy
processing includes at least one of a security policy decision process and a security
policy enforcement process (WIM: page 8: "This specification does not define exact
requirements for tamper-resistance. Businesses can enforce certain requirements and
policies using PKI based mechanisms. Applications should only accept certificates
signed by Certification Authorities that are known to fulfill the requirements and
policies.").

Re claim 54 : The combination of WIM and Ogasawara teaches means for
performing security policy processing comprises means for selectively disabling direct
access to said AKA module (WIM: page 95: "In a typical case, the PIN-G is used to
protect all files (which need to be protected) and keys except non-repudiation keys. If
the PIN-G is not disabled, the ME must send the PIN-G after the WIM application is
selected, in order to be able to use keys and perform other operations that require the
PIN-G. More precisely, the ME SHOULD do the following when the secure functions are
required the first time.").

Re claim 55 : The combination of WIM and Ogasawara teaches tamper-resistant
security device comprises means for detecting whether said tamper-resistant security
device is operated in its normal environment or in an environment considered insecure
(WIM: page 49: "For the WAP-WTLS application there are two predefined SEs with their
associated number."), and said means for performing security policy processing
comprises means for disabling direct access to said AKA module when operated in said
insecure environment (WIM: page 95: "In a typical case, the PIN-G is used to protect all
files (which need to be protected) and keys except non-repudiation keys. If the PIN-G is
not disabled, the ME must send the PIN-G after the WIM application is selected, in
order to be able to use keys and perform other operations that require the PIN-G. More
precisely, the ME SHOULD do the following when the secure functions are required the
first time.").

Re claim 56 : The combination of WIM and Ogasawara teaches said cooperating 
application includes a security enhancing application, and said security device further 
comprises means for transferring a request for AKA processing directly to said AKA 
module if said security device is operated in an environment considered secure, and 
means for transferring said request to said security enhancing application if said 
security device is operated in an environment considered insecure (WIM: page 74,
section 11.3.6.4: "PERFORM SECURITY OPERATIONS").

Re claim 57 : The combination of WIM and Ogasawara teaches cooperating
application is performing at least part of the computations in connection with end-to-end 
key agreement between users (WIM: page 26, section 7.2.4.5: "WIM-KeyAgreement"). 

Re claim 58 : The combination of WIM and Ogasawara teaches cooperating
application is masking key information generated by said AKA module (WIM: page 17:
"The WIM is used to protect permanent, typically certified, private keys. The WIM stores
these keys and performs operations using these keys;" page 18: "Application level
security operations that use the WIM include signing and unwrapping a key").

Re claim 59 : The combination of WIM and Ogasawara teaches cooperating
application is a software application installed in an application environment of said
tamper-resistant security device (WIM: page 63: "The WIM application may have to
reside on the card with other applications, e.g. GSM. It is selected using an Application
Identifier (AID) which is a combination of a Registered Application Provider Identifier
(RID) and a Proprietary Application Identifier Extension (PIX) [ISO7816-6].").

Re claim 61 : The combination of WIM and Ogasawara teaches cooperating
application is a privacy enhancing application, which participates in managing a user
pseudonym (WIM: page 12: "A tamper-resistant device which is used in performing
WTLS and application level security functions, and especially, to store and process
information needed for user identification and authentication.").

2. Claim 60 is rejected under 35 U.S.C. 103(a) as being unpatentable over "Wireless
Identity Module," 12 July 2001, Wireless Application Protocol, WAP-260-WIM-20010712-a,
hereinafter referred to as WIM, Ogasawara (U.S. Pat 4853522 A),
hereinafter referred to as Ogasawara, in further view of Vatanen et al (WO 00/48416),
hereinafter referred to as Vatanen.

Re claim 60 : The combination of WIM and Ogasawara teaches all the limitations 
of claim 59 as previously discussed. 

However, Vatanen teaches said application is securely downloaded into said 
tamper-resistant security device from a trusted party (page 4, line 34 - page 5, line 3). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to have modified the teachings of WIM and Ogasawara with the 
teachings of Vatanen, for the purpose of installing authenticate applications on a 
portable device, as is known in the art. 



3. Claim 62 is rejected under 35 U.S.C. 103(a) as being unpatentable over "Wireless
Identity Module," 12 July 2001, Wireless Application Protocol, WAP-260-WIM-20010712-a,
hereinafter referred to as WIM, Ogasawara (U.S. Pat 4853522 A),
hereinafter referred to as Ogasawara, in further view of Miyoshi (U.S. Pat Pub
2003/0074570 A1), hereinafter referred to as Miyoshi.

Re claim 62 : The combination of WIM and Ogasawara teaches all the limitations 
of claim 61 as previously discussed. 

However, Vatanen teaches said privacy enhancing application is requesting an
AKA response from said AKA module based on an old user pseudonym and for
generating a new user pseudonym based on the received AKA response (Fig 5:
elements "RETURN TEMPORARY INTERFACE ID" and "DISTRIBUTE NEW REAL
INTERFACE ID").

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to have modified the teachings of WIM and Ogasawara with the 
teachings of Vatanen, for the purpose of updating access information on portable 
devices, as is known in the art. 



Conclusion 

Examiner's Note: Examiner has cited particular columns and line numbers in the 
references applied to the claims above for the convenience of the applicant. Although 
the specified citations are representative of the teachings of the art and are applied to 
specific limitations within the individual claim, other passages and figures may apply as 
well. It is respectfully requested from the applicant in preparing responses to fully 
consider the references in entirety as potentially teaching all or part of the claimed 
invention, as well as the text of the passage taught by the prior art or disclosed by the 
examiner. 

In the case of amending the claimed invention, Applicant is respectfully
requested to indicate the portion(s) of the specification which dictate(s) the structure
relied on for proper interpretation and also to verify and ascertain the metes and bounds
of the claimed invention.

Any inquiry concerning this communication or earlier communications from the
examiner should be directed to DARREN SCHWARTZ whose telephone number is 
(571)270-3850. The examiner can normally be reached on 7am-4pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (571)272-3859. The fax phone number for the
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/D. S./

Examiner, Art Unit 2435 
/Kimyen Vu/ 

Supervisory Patent Examiner, Art Unit 2435 



